CVE-2025-25621

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacherid=2&semesterid=1...

ZKTeco BioTime Path Traversal Vulnerability

ZKTeco BioTime is a powerful web-based time and attendance management software from the Chinese company ZKTeco. A path traversal vulnerability exists in ZKTeco BioTime v8.5.5 that could allow an unauthenticated attacker to arbitrarily reset the administrator password via a crafted web request...

Larvata Flygo 安全漏洞

Larvata Flygo is an attendance clocking software from Larvata Taiwan. Larvata Flygo contains Insecure Direct Object Reference has a security vulnerability that allows a remote attacker, after authenticating as a normal user, to access a specific employee's sign-in record by manipulating the...

NCH FlexiServer 路径遍历漏洞

NCH FlexiServer is a functional time and attendance software.NCH FlexiServer has a directory traversal vulnerability, which originates from the product's syslog?file=/... Failure to filter special characters, an attacker can use this vulnerability to obtain sensitive information...

SQL Injection Vulnerability in Ma***.aspx Page of Eqin WEB Attendance Management Software

Easy Attendance WEB attendance management software is a network version of the B / S architecture WEB attendance management software. The Ma.aspx page of EaseUS WEB Attendance Management Software has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive informatio...